Message ID | 20171222163001.729461.63411.stgit@skinsbursky-vz7.qa.sw.ru |
---|---|
State | New |
Series | "spfs: start SPFS manager in containers network namespace" |
Headers | show
Delivered-To: criupatchwork@gmail.com Received: from gmail-imap.l.google.com [64.233.165.109] by patchwork.criu.org with IMAP (fetchmail-6.3.26) for <root@localhost> (single-drop); Fri, 22 Dec 2017 17:33:01 +0100 (CET) Received: by 10.236.179.132 with SMTP id e4csp2385998pjr; Fri, 22 Dec 2017 08:32:56 -0800 (PST) X-Google-Smtp-Source: ACJfBovj7cQnAlxhMDpTaK2nIJfNSMdluqBgC9pHOTh7FtnTH+3uXnJIVDOf2FDdmcyfPmMXHW+2 X-Received: by 10.84.218.143 with SMTP id r15mr14745224pli.53.1513960376017; Fri, 22 Dec 2017 08:32:56 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1513960375; cv=none; d=google.com; s=arc-20160816; b=N2vnVVhgGUEJ6sUZIx3rBQ+imrZ3V3JnTosqHvt/pX4Dm6144AG3vFx3MOqNtRmfAs 7aTSWPMa2qPnfCrz4E9vRaY2N6Q6k7AjcZwEzR54fygYjiosopN5IZXM7nlKdDrEb4jX l95qsVoM1O4V9vXBfK90doP7sf4nvFhRFMBxbBWwEhTHfDKT9DNr4RM9s56BJ9uAg0LD kDjTmua3Qy3SRdQ78qW3hmntSfkmzn5GQ+CQMszHiSKQwhfOJotlbGh0b5KYlNI69xeL 5siYA083tzR6PzlDwoE3n5dfdspvtb7Jeopr0IE63RRC+yOrQV1q1EKZ2rbtOgKuFfBl BkrA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=errors-to:sender:content-transfer-encoding:list-subscribe:list-help :list-post:list-archive:list-unsubscribe:list-id:precedence:subject :spamdiagnosticmetadata:spamdiagnosticoutput:mime-version:user-agent :message-id:date:to:from:arc-authentication-results; bh=vB8QkZBa0KKTfU3K2cxexFi11n+RS8/jDUT/+P7Q41c=; b=Y/nZUV9f0cSLx5a+Z/fXVjuy3WiRUgBzpjobr/LzW6flYIlFqagjlXP42iTozY/9nd nMmBcKN+wxc1MyZYXkkA1XsTRwDO5IYPkyvEvK9wJQGtl+cF9Chxl6rddi/Mr6kqcl1r GWZfdKZ3lyL1oh48bv5SiB03IeKAd58F876zbsFbCV4FTemRJ+j65eWFNgHOjv17dDq2 iOPvhH3J53JBpTa8NVucSKCFEk+1QBr3p5cxcmjvYAfDZNA3ToJfzFqMg6vDtEjHa/B2 gDzA8l53SrSo3GfErvQ2Z3gLXwY77pla67lgj/ZHrb5AxcflN7ZryzxFHPsLowywP+Dq w5AA== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: domain of devel-bounces@openvz.org designates 195.214.232.140 as permitted sender) smtp.mailfrom=devel-bounces@openvz.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=virtuozzo.com Return-Path: <devel-bounces@openvz.org> Received: from mail.openvz.org (mail.openvz.org. [195.214.232.140]) by mx.google.com with ESMTPS id be1si14472803plb.48.2017.12.22.08.32.53 (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Fri, 22 Dec 2017 08:32:55 -0800 (PST) Received-SPF: pass (google.com: domain of devel-bounces@openvz.org designates 195.214.232.140 as permitted sender) client-ip=195.214.232.140; Authentication-Results: mx.google.com; spf=pass (google.com: domain of devel-bounces@openvz.org designates 195.214.232.140 as permitted sender) smtp.mailfrom=devel-bounces@openvz.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=virtuozzo.com Received: from mail.openvz.org (localhost [127.0.0.1]) by mail.openvz.org (8.14.4/8.14.4) with ESMTP id vBMGUgZv026842; Fri, 22 Dec 2017 19:30:45 +0300 Received: from EUR01-DB5-obe.outbound.protection.outlook.com (mail-db5eur01lp0179.outbound.protection.outlook.com [213.199.154.179]) by mail.openvz.org (8.14.4/8.14.4) with ESMTP id vBMGUfAF026838 for <devel@openvz.org>; Fri, 22 Dec 2017 19:30:41 +0300 Received: from AM4PR08CA0051.eurprd08.prod.outlook.com (2603:10a6:205:2::22) by DB6PR0801MB1880.eurprd08.prod.outlook.com (2603:10a6:4:74::14) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384_P256) id 15.20.323.15; Fri, 22 Dec 2017 16:30:26 +0000 Received: from VE1EUR01FT013.eop-EUR01.prod.protection.outlook.com (2a01:111:f400:7e01::200) by AM4PR08CA0051.outlook.office365.com (2603:10a6:205:2::22) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384) id 15.20.345.14 via Frontend Transport; Fri, 22 Dec 2017 16:30:25 +0000 Authentication-Results: spf=pass (sender IP is 195.214.232.25) smtp.mailfrom=virtuozzo.com; openvz.org; dkim=none (message not signed) header.d=none; openvz.org; dmarc=pass action=none header.from=virtuozzo.com; Received-SPF: Pass (protection.outlook.com: domain of virtuozzo.com designates 195.214.232.25 as permitted sender) receiver=protection.outlook.com; client-ip=195.214.232.25; helo=relay.sw.ru; Received: from relay.sw.ru (195.214.232.25) by VE1EUR01FT013.mail.protection.outlook.com (10.152.2.215) with Microsoft SMTP Server (version=TLS1_0, cipher=TLS_RSA_WITH_AES_256_CBC_SHA) id 15.20.302.6 via Frontend Transport; Fri, 22 Dec 2017 16:30:24 +0000 Received: from skinsbursky-vz7.qa.sw.ru (msk-vpn.virtuozzo.com [195.214.232.6]) by relay.sw.ru (8.13.4/8.13.4) with ESMTP id vBLLVaTS031178; Fri, 22 Dec 2017 00:31:36 +0300 (MSK) From: Stanislav Kinsburskiy <skinsbursky@virtuozzo.com> To: <devel@openvz.org> Date: Fri, 22 Dec 2017 19:30:24 +0300 Message-ID: <20171222163001.729461.63411.stgit@skinsbursky-vz7.qa.sw.ru> User-Agent: StGit/0.17.1-dirty MIME-Version: 1.0 X-EOPAttributedMessage: 0 X-Forefront-Antispam-Report: CIP:195.214.232.25; IPV:CAL; SCL:-1; CTRY:RU; EFV:NLI; SFV:SKN; SFS:; DIR:INB; SFP:; SCL:-1; SRVR:DB6PR0801MB1880; H:relay.sw.ru; FPR:; SPF:None; LANG:en; X-Microsoft-Exchange-Diagnostics: 1; VE1EUR01FT013; 1:/pcUNSsHth/OnQrn6IydHKLHL/PZQy8VC+XQzjmbBgcHIULdrPB8LFRk03GoNgc0UcHOpLSBmUIxZjiOAMRAoVR0wand7TrXTX4fLn5ha2YS1tsSU+v41FkazFO1n7Mo X-MS-PublicTrafficType: Email X-MS-Office365-Filtering-Correlation-Id: 4c7ca269-2153-415e-ac26-08d549594df8 X-Microsoft-Antispam: UriScan:; BCL:0; PCL:0; RULEID:(4534020)(4602075)(4627115)(201703031133081)(201702281549075)(5600026)(4604075)(3008031)(4608076)(2017052603307)(7153060); SRVR:DB6PR0801MB1880; X-Microsoft-Exchange-Diagnostics: 1; DB6PR0801MB1880; 3:y4uxv6ZAFMAZElO19i/EnpCM0O0ssBVa+3yUxryKDwwxWUinQ82Wcd/PZjvGd+D2M16qbDvkVVGZzg2m+N+IB/f09s1tAFNJf+vuuRbNjoSEKjAt1i8fTsS0UWfs7BsXFQ2408qVZEmElAlhMoblBZotQZiRBbqKXIjOUdERnAD/O3gjQdqB3D6pDmgB9XqPPnZjSufH0BRof5++4AcbTGfyF1mRF2j9VqaxK14qHtdEDDmymBLtXwK5T6IzEvi/C+vA171oby8AGmEcXvAVfSdSrcTbiZCkmgfIMP1fAlrBRy9yFYUKdfYwoLe/Zva0DiW4U7AqcDF0fA5OtcOaE1BwQxex6s+VaZcxBCQM6aA=; 25:D9eLuWPd3vAVFAylPYtog/WXjTNlIp/ekhHL6YpRjUgDeTszx5XgXJwqtBxgqVpgoEHYuqtz0hnNkOoEkMScb5esRf985aZL53PBss1g9ZR09a4X4Q6v1988c/kBUvmp4WOA0AS1RcRrDjRQ6cGrx1KpyTGdx1nkCSrqhIOndTDxxoGlQ3eNIrtnyuBpCGJu4NGWwuzpg+jYJi0bzoQdNvRP+CQ44QLScaMpXVDQL9QAJbzE0E9h+zkCcu1zxjB6UT+8QIhWRExproQ2zKO/Efv/KMU8WpgliQFJ8rwiSj0ZGp9t4xhK+OT/IgxBrw2F60tRp0lO6t+xRshohK/IhA== X-MS-TrafficTypeDiagnostic: DB6PR0801MB1880: X-Microsoft-Exchange-Diagnostics: 1; DB6PR0801MB1880; 31:K4ittptVDKCYdT41rbsuBYA68XBBrZF+/LDBegICgF2x/iDytAHZzj6B1vXWCHQWELLv2SF7Ff33i7aIlugYznGgZxhu6Q80xkw9kDrC86Z1JsUeLdasdO1yuXkpSLxOTTagk6ZwHCPOTeiwaamyEaHndaIuzC+cUX0ed5mIcU2NF11eQN+N7Vmpd6cgTW9V9lpfpfjn43UgiM9deGYYEBJv8O5ir1yIeyJ6zoWTJ34=; 20:OXqBkalBqZFSPUEwYHi151GEdjzpm6hhP378jsrNfIYoqbVP5IkBKTtfEyoN4qF4FU0O5eu7g1SgbkNFs0o/f/2o/xj8OyLfcsBd3Snk/Ol0w12IeUz1yHh0vObAojsN4rDX9YRunU2uN0Tj21k/N2vvu+WwHFzWnu393ci5UHmjW5z4Nl0rJSimbx0hhYK68y9mYjQunui+bAcr9ORQFvu++t7FyZRmX9xRrhQ6+tkRY9qTVX1Y/sPdpI5fiRmuhepQCRuVUfVAQFCcVZXxdy1w5pAX0RdWwUpWfxe/7DdCA6yUOSH3zZDt+hL71ZvnQetUok6/EuldTImNKXTYZbtUvpk5wR5suz4sQaPuMS6/wqdisedys0d5u9o3KL7BLdrdKJXMB6pwidVQJ/2SJddXHcKt5xqBj8ytULvTactujQo5h8Ri57/ePkUCkAyii8LfajqZizDA9kayMqPDSO7AXXf1c5qhCPIZxkQJKu7hddGZrIwTI0r9ct4WddSDNRz5umW5rt9+OKiQ6qOIKw== X-Exchange-Antispam-Report-Test: UriScan:(215187933766430)(17755550239193); X-Exchange-Antispam-Report-CFA-Test: BCL:0; PCL:0; RULEID:(9101521199)(2401047)(8121501046)(93006095)(93004095)(3231023)(10201501046)(3002001)(201708071742011); SRVR:DB6PR0801MB1880; BCL:0; PCL:0; RULEID:(100000803101)(100110400095); SRVR:DB6PR0801MB1880; X-Microsoft-Exchange-Diagnostics: 1; DB6PR0801MB1880; 4:4XuqJSc65lh9bhgSoDA/Sqqkt56goyvRNZALy6dHREegG8K8wL1jVdf5wz83I94xq8x7TBfUmFWVfIP/EpEOzleVIs2yQ0bPh3a2NF7Glm1vsdyv/MmsixJ0bmRRV27aC0z8j740DxjfsFCtNLzo6Nxjsa1I1Bt0trOfX9vN88EZelqefnfhqZKa6bGCEeIqT43qLcSbRs3jVDcriAKZSBKOBkh2/wk7VTVjWj8PMOyJqByVIckDn1ULWGGazFlz4qDRDXcm4tmecN2LteUnEvtoTffkgnG4V3YXYj2Q3JwGDS+9k5FITl70oHdDPreb6FDtUN4ykKEu5G4q7lQinLkAr6LeZ/yD533hf+0tHz0=; 23:5QQFUzX+M6M9U5lG5dBOk6dvuoLGTuNmc5CdFZHESjHnCbJpPHgcui6ml5S+dpWs7TIxRuu5qU5mXohOxDxou1Hr3NU5D13DnuU9Q/8pPxleMJy1B8xsULE0LblqNgCmEF2hKZuoCNorFvA2O0Ck7S8JQe5RKcneOW+MmMb0YKN/FNXWGANmfCllwss0pmPk; 6:2EKSWkIXTKK5rcDuZFxql8xKGg50IsKYMFsHNrsLpwyJq8y+mfjuORkMsWg7E/FWCJHRclswDooUWuzv7x3Hz9nt9iTyN2RiC7g0zlchUkBVF7mKWl6FHxENdc2MlXKm1Z/SYdchwPWRyrXrJunhrDYF8tPFoJ8LUnmdd8zD4FpVPZ/wARqbEj+VH64Lw9AVis7kUC/ZhgBk+0xskRJg4RuwRlY6PrAEltqb4+qsJxyHfsvjuYhgoHzYwVb+GulwfjiNbY+fbjyTOfZv6O4OcDHDC2Y9iDWyR0aaFiEjqUVVIK0dCZgUAbjcCnMgt5VL+g7HPlkqVuMk7Gno6U8zScSApEmKm2YwRXb4Wko6ifw= X-Microsoft-Antispam-Message-Info: o3TCVQ+ddwrsAfKgr/f5F/1loLGtAI2vSVwyiL257IjuIrpAocBLX8yL7dKFoP09qb5fK3AiB9Q0hDYi7JM+3w== X-Microsoft-Exchange-Diagnostics: 1; DB6PR0801MB1880; 5:xnykiSUf/aQAwBszKM6/LI5FtzJ4O3PeUtnw8Mjfc53hhz0+sjiSOu6EjFLTqjxvZbMg8YL5AUXqya1AhB1ImDlG8dNdQ3w19UGeklKDxeqSkQShc/oTtetCQ5vI2qxfMK6g+TXvrz1npk+l2GSE7BXU8xeKbXunNYOeYYhz1xg=; 24:s4wAcRSXzn8X7sOcOhMKiS9KYIs5zH3aNyJHjO3KtHA2wzfK1sKDGU3zukoMip4+6R+5qMl6dSAQWmgsM7Bp/ht8F8YToitJHcSBAVitkJ0=; 7:l7LqOfLUz+nFT/OcxBuuj6YOlWS/4mIZgsHDyzUQKxA+mUB8uWcVZTv6v5jiKY7BbM8OI0BC8LOjgsAaYujBA0phAzrTbbD5LOAD+/v3QCZ4y1lEZ3qqkKwIzO6xJ6W/EbTXgNAJVqIz3PGNRyefqbwjPbWeb/868evxkwYwKS6caYYbioGtTOtdwXKvAUDi0b+a/lKH2wCcFKod0BAs9F43SNp86C2KG6igKQdcJ+2rDXF9b7lxUJEEezTJI8gK; 20:FsDpIKtH/y6N0fqf71YQuEbSo5mm+j0qOV4Fr2JvIw+DP/pmGNF3ZTvqQDtRxxQTvJw2MqGsHaOTJJT20iYylnQI/VFIJiJKUTG0szVb28ttBeFlpxJRuBlol9QlmVXrB0s8UqlG8dd1cCq8XaIJYYMmcNhW1KAyrIeD+pmzx6s= SpamDiagnosticOutput: 1:2 SpamDiagnosticMetadata: 2b2090aae5154f77b71484475de18b04 X-OriginatorOrg: virtuozzo.com X-MS-Exchange-CrossTenant-OriginalArrivalTime: 22 Dec 2017 16:30:24.7790 (UTC) X-MS-Exchange-CrossTenant-Network-Message-Id: 4c7ca269-2153-415e-ac26-08d549594df8 X-MS-Exchange-CrossTenant-Id: 0bc7f26d-0264-416e-a6fc-8352af79c58f X-MS-Exchange-CrossTenant-OriginalAttributedTenantConnectingIp: TenantId=0bc7f26d-0264-416e-a6fc-8352af79c58f; Ip=[195.214.232.25]; Helo=[relay.sw.ru] X-MS-Exchange-CrossTenant-FromEntityHeader: HybridOnPrem X-MS-Exchange-Transport-CrossTenantHeadersStamped: DB6PR0801MB1880 X-MS-Exchange-CrossPremises-OriginalClientIPAddress: 195.214.232.25 X-MS-Exchange-CrossPremises-SCL: -1 X-MS-Exchange-CrossPremises-AuthSource: VE1EUR01FT013.eop-EUR01.prod.protection.outlook.com X-MS-Exchange-CrossPremises-AuthAs: Anonymous X-MS-Exchange-CrossPremises-TransportTrafficType: Email X-MS-Exchange-CrossPremises-TransportTrafficSubType: X-MS-Exchange-CrossPremises-Antispam-ScanContext: DIR:Originating; SFV:SKN; SKIP:0; X-MS-Exchange-CrossPremises-Processed-By-Journaling: Journal Agent X-OrganizationHeadersPreserved: DB6PR0801MB1880.eurprd08.prod.outlook.com Subject: [Devel] [PATCH] spfs: start SPFS manager in containers network namespace X-BeenThere: devel@openvz.org X-Mailman-Version: 2.1.12 Precedence: list List-Id: OpenVZ development <devel.openvz.org> List-Unsubscribe: <https://lists.openvz.org/mailman/options/devel>, <mailto:devel-request@openvz.org?subject=unsubscribe> List-Archive: <http://lists.openvz.org/pipermail/devel/> List-Post: <mailto:devel@openvz.org> List-Help: <mailto:devel-request@openvz.org?subject=help> List-Subscribe: <https://lists.openvz.org/mailman/listinfo/devel>, <mailto:devel-request@openvz.org?subject=subscribe> Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Sender: devel-bounces@openvz.org Errors-To: devel-bounces@openvz.org |
diff --git a/criu/spfs.c b/criu/spfs.c index 6ce2ac8..d46fe11 100644 --- a/criu/spfs.c +++ b/criu/spfs.c @@ -21,6 +21,7 @@ #include "spfs.h" #include "proc_parse.h" #include "cgroup.h" +#include "net.h" #define SPFS_MANAGER_WORK_DIR "/run/spfs-manager/%d" #define VE_SPFS_MANAGER_WORK_DIR "/vz/private/%s/dump/spfs-manager/%d" @@ -121,7 +122,7 @@ static char *spfs_manager_log_dir(void) return work_dir; } -static int start_spfs_manager(void) +static int __start_spfs_manager(void) { char *spfs_manager = "spfs-manager"; char *socket_path = spfs_manager_socket_path(); @@ -159,6 +160,24 @@ static int start_spfs_manager(void) return sock; } +static int start_spfs_manager(void) +{ + int old_net_ns, sock; + + if (switch_ns(root_item->pid->real, &net_ns_desc, &old_net_ns)) { + pr_err("failed to switch to containers network namespace\n"); + return -1; + } + + sock = __start_spfs_manager(); + + if (restore_ns(old_net_ns, &net_ns_desc)) { + pr_err("failed to restore original usernsd network namespace\n"); + return -1; + } + return sock; +} + static int get_spfs_mngr_sock(void *start, int fd, pid_t pid) { int sock;
This is needed because in case of killing of a container with SPFS manager inside (due to any restore error) all the network namespaces of container processes will be marked to drop SUNRPC packets (libvzctl does it on fast stop). This in turn happens, because we want to be able to kill container with blocked network and NFS mount inside. Thus all the processes, belonging to VE cgroup have to have containers network namespaces otherwise SUNRPC trafic is dropped in init network namespace, like it happens now. https://jira.sw.ru/browse/PSBM-79733 Signed-off-by: Stanislav Kinsburskiy <skinsbursky@virtuozzo.com> --- criu/spfs.c | 21 ++++++++++++++++++++- 1 file changed, 20 insertions(+), 1 deletion(-)